User's Manual
Table Of Contents
- Foreword
- Important Safeguards and Warnings
- 1 Overview
- 2 Local Operations
- 2.1 Basic Configuration Procedure
- 2.2 Common Icons
- 2.3 Standby Screen
- 2.4 Initialization
- 2.5 Logging In
- 2.6 Network Communication
- 2.7 User Management
- 2.8 Access Management
- 2.9 Attendance Management
- 2.10 System
- 2.11 USB Management
- 2.12 Configuring Features
- 2.13 Unlocking the Door
- 2.14 Viewing Unlock Logs
- 2.15 System Information
- 3 Web Operations
- 3.1 Initialization
- 3.2 Logging In
- 3.3 Resetting the Password
- 3.4 Configuring Door Parameter
- 3.5 Intercom Configuration
- 3.6 Configuring Time Sections
- 3.7 Data Capacity
- 3.8 Configuring Video and Image
- 3.9 Configuring Face Detection
- 3.10 Configuring Network
- 3.11 Safety Management
- 3.12 User Management
- 3.13 Configuring Voice Prompts
- 3.14 Maintenance
- 3.15 Configuration Management
- 3.16 Upgrading System
- 3.17 Viewing Version Information
- 3.18 Viewing Logs
- 4 Smart PSS Lite Configuration
- Appendix 1 Important Points of Intercom Operation
- Appendix 2 Important Points of QR Code Scanning
- Appendix 3 Important Points of Fingerprint Registration Instructions
- Appendix 4 Important Points of Face Registration
- Appendix 5 Cybersecurity Recommendations
86
Appendix 5 Cybersecurity Recommendations
Mandatory actions to be taken for basic device network security:
1. Use Strong Passwords
Please refer to the following suggestions to set passwords:
The length should not be less than 8 characters.
Include at least two types of characters; character types include upper and lower case
letters, numbers and symbols.
Do not contain the account name or the account name in reverse order.
Do not use continuous characters, such as 123, abc, etc.
Do not use overlapped characters, such as 111, aaa, etc.
2. Update Firmware and Client Software in Time
According to the standard procedure in Tech-industry, we recommend to keep your device
(such as NVR, DVR, IP camera, etc.) firmware up-to-date to ensure the system is equipped
with the latest security patches and fixes. When the device is connected to the public
network, it is recommended to enable the “auto-check for updates” function to obtain
timely information of firmware updates released by the manufacturer.
We suggest that you download and use the latest version of client software.
"Nice to have" recommendations to improve your device network security:
1. Physical Protection
We suggest that you perform physical protection to device, especially storage devices. For
example, place the device in a special computer room and cabinet, and implement well-done
access control permission and key management to prevent unauthorized personnel from
carrying out physical contacts such as damaging hardware, unauthorized connection of
removable device (such as USB flash disk, serial port), etc.
2. Change Passwords Regularly
We suggest that you change passwords regularly to reduce the risk of being guessed or cracked.
3. Set and Update Passwords Reset Information Timely
The device supports password reset function. Please set up related information for password
reset in time, including the end user’s mailbox and password protection questions. If the
information changes, please modify it in time. When setting password protection questions, it is
suggested not to use those that can be easily guessed.
4. Enable Account Lock
The account lock feature is enabled by default, and we recommend you to keep it on to guarantee
the account security. If an attacker attempts to log in with the wrong password several times, the
corresponding account and the source IP address will be locked.
5. Change Default HTTP and Other Service Ports
We suggest you to change default HTTP and other service ports into any set of numbers between
1024–65535, reducing the risk of outsiders being able to guess which ports you are using.
6. Enable HTTPS
We suggest you to enable HTTPS, so that you visit Web service through a secure communication
channel.
7. MAC Address Binding
We recommend you to bind the IP and MAC address of the gateway to the device, thus reducing
the risk of ARP spoofing.
8. Assign Accounts and Privileges Reasonably
According to business and management requirements, reasonably add users and assign a
minimum set of permissions to them.
9. Disable Unnecessary Services and Choose Secure Modes
If not needed, it is recommended to turn off some services such as SNMP, SMTP, UPnP, etc., to
reduce risks.
If necessary, it is highly recommended that you use safe modes, including but not limited to the
following services: